Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Hiawatha main configuration file
- #
- # GENERAL SETTINGS
- #
- #ServerId = www-data
- ServerId = www-data
- #ConnectionsTotal = 150
- #ConnectionsPerIP = 10
- ConnectionsTotal = 1000
- # This setting is proofed to be working for IE, firefox and chrome on Banshee 3.5, 3.7
- # Other than the above mentioned, you may need to change the value
- ConnectionsPerIP = 35
- SystemLogfile = /var/log/hiawatha/system.log
- GarbageLogfile = /var/log/hiawatha/garbage.log
- ExploitLogfile = /var/log/hiawatha/exploit.log
- LogFormat = extended
- ServerString = SimpleHTTPserver
- CGIwrapper = /usr/sbin/cgi-wrapper
- # BINDING SETTINGS
- # A binding is where a client can connect to.
- #
- Binding {
- Port = 80
- # Interface = 127.0.0.1
- # MaxKeepAlive = 30
- MaxKeepAlive = 50
- # TimeForRequest = 5,30
- # This settings is proofed to be working on IE, firefox and chrome on Banshee 3.5, 3.7
- # for slower internet connection, such as 2.5G mobile network
- # Other than the above mentioned, you may need to change the value
- TimeForRequest = 12,50
- }
- #
- #Binding {
- # Port = 443
- # Interface = ::1
- # MaxKeepAlive = 30
- # TimeForRequest = 3,20
- # SSLcertFile = hiawatha.pem
- #}
- # BANNING SETTINGS
- # Deny service to clients who misbehave.
- #
- #BanOnGarbage = 300
- #BanOnMaxPerIP = 60
- #BanOnMaxReqSize = 300
- #KickOnBan = yes
- #RebanDuringBan = yes
- BanOnGarbage = 300
- BanOnMaxPerIP = 300
- BanOnMaxReqSize = 300
- BanOnTimeout = 300
- KickOnBan = yes
- RebanDuringBan = yes
- BanOnDeniedBody = 300
- BanOnSQLi = 300
- # This settings is proofed to be working on IE, firefox and chrome on Banshee 3.5, 3.7
- # Other than the above mentioned, you may need to change the value
- BanOnFlooding = 90/1:300
- #BanlistMask = deny 192.168.20.0/24, deny 127.0.0.1
- BanlistMask = deny 127.0.0.1
- BanOnInvalidURL = 300
- BanOnWrongPassword = 3:300
- # COMMON GATEWAY INTERFACE (CGI) SETTINGS
- # These settings can be used to run CGI applications. Use the 'php-fcgi'
- # tool to start PHP as a FastCGI daemon.
- #
- #CGIhandler = /usr/bin/perl:pl
- #CGIhandler = /usr/bin/php-cgi:php
- #CGIhandler = /usr/bin/python:py
- #CGIhandler = /usr/bin/ruby:rb
- #CGIhandler = /usr/bin/ssi-cgi:shtml
- #CGIextension = cgi
- #
- #FastCGIserver {
- # FastCGIid = PHP5
- # ConnectTo = 127.0.0.1
- # Extension = php
- #}
- CGIhandler = /usr/bin/perl:pl
- CGIhandler = /usr/bin/php5-cgi:php
- CGIhandler = /usr/bin/python:py
- CGIhandler = /usr/bin/ruby:rb
- CGIhandler = /usr/bin/ssi-cgi:shtml
- CGIextension = cgi
- FastCGIserver {
- FastCGIid = PHP5
- # ConnectTo = 127.0.0.1:2005
- # ConnectTo = /var/lib/hiawatha/php-fcgi.sock
- ConnectTo = 127.0.0.1:9000
- Extension = php
- SessionTimeout = 600
- }
- # URL TOOLKIT
- # This URL toolkit rule was made for the Banshee PHP framework, which
- # can be downloaded from http://www.hiawatha-webserver.org/banshee
- #
- # The scannerblocker will ban some common scanners which with their default settings
- UrlToolkit {
- ToolkitID = scannerblocker
- Header User-Agent ^w3af.sourceforge.net Return
- Header User-Agent ^dirbuster Return
- Header User-Agent ^nikto Return
- Header User-Agent ^sqlmap Return
- Header User-Agent ^fimap Return
- Header User-Agent ^nessus Return
- Header User-Agent ^whatweb Return
- Header User-Agent ^Openvas Return
- Header User-Agent ^jbrofuzz Return
- Header User-Agent ^libwhisker Return
- Header User-Agent ^webshag Return
- Header User-Agent ^WVS Return
- Header User-Agent ^Morfeus Return
- Header User-Agent ^Fucking Return
- Header User-Agent ^Scanner Return
- Header User-Agent ^Aboundex Return
- Header User-Agent ^AlphaServer Return
- Header User-Agent ^Indy Return
- Header User-Agent ^ZmEu Return
- Header User-Agent ^social Return
- Header User-Agent ^Zollard Return
- Header User-Agent ^CLR Return
- Header User-Agent ^Camino Return
- Header User-Agent ^Nmap Return
- Header HTTP:Acunetix-Product ^WVS Return
- }
- UrlToolkit {
- ToolkitID = banshee
- RequestURI isfile Return
- Call scannerblocker
- Match ^/(css|files|images|js|slimstat)($|/) Return
- Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
- Match .*\?(.*) Rewrite /index.php?$1
- Match .* Rewrite /index.php
- }
- UrlToolkit {
- ToolkitID = monitor
- RequestURI isfile Return
- Match ^/(css|files|images|js|slimstat)($|/) Return
- Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
- Match .*\?(.*) Rewrite /index.php?$1
- Match .* Rewrite /index.php
- }
- # DEFAULT WEBSITE
- # It is wise to use your IP address as the hostname of the default website
- # and give it a blank webpage. By doing so, automated webscanners won't find
- # your possible vulnerable website.
- #
- # Make sure to change the IP address of the Hostname below with your webserver IP address.
- # This setting will cause anyone visit to your webserver with your IP address to be redirected to www.example.com.
- # So that, your webserver is under some protection of the attacks.
- Hostname = 98.139.183.24
- WebsiteRoot = /var/www/hiawatha
- #StartFile = index.html
- StartFile = index.html
- AccessLogfile = /var/log/hiawatha/access.log
- ErrorLogfile = /var/log/hiawatha/error.log
- #ErrorHandler = 404:/error.cgi
- ReverseProxy ^/.* http://www.example.com:80/
- Include /etc/hiawatha/enable-sites/
- # VIRTUAL HOSTS
- # Use a VirtualHost section to declare the websites you want to host.
- #
- #VirtualHost {
- # Hostname = www.my-domain.com
- # WebsiteRoot = /var/www/my-domain/public
- # StartFile = index.php
- # AccessLogfile = /var/www/my-domain/log/access.log
- # ErrorLogfile = /var/www/my-domain/log/error.log
- # TimeForCGI = 5
- # UseFastCGI = PHP5
- # UseToolkit = banshee
- #}
- # DIRECTORY SETTINGS
- # You can specify some settings per directory.
- #
- #Directory {
- # Path = /home/baduser
- # ExecuteCGI = no
- # UploadSpeed = 10,2
- #}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement